CodeQL documentation
CodeQL resources
CodeQL overview
CodeQL guides
Writing CodeQL queries
CodeQL language guides
Reference docs
QL language reference
CodeQL standard-libraries
CodeQL query help
Source files
CodeQL repository
Academic
QL publications
CodeQL query help for C and C++
CodeQL query help for C#
CodeQL query help for GitHub Actions
CodeQL query help for Go
Arbitrary file access during archive extraction (”Zip Slip”)
Arbitrary file write extracting an archive containing symbolic links
Bad redirect check
Bitwise exclusive-or used like exponentiation
Clear-text logging of sensitive information
Command built from user-controlled sources
Comparison of identical values
Constant length comparison
Cookie ‘HttpOnly’ attribute is not set to true
Cookie ‘Secure’ attribute is not set to true
Cross-site scripting via HTML template escaping bypass
Database query built from user-controlled sources
Disabled TLS certificate check